5 Ways to Implement Site Security to Protect from Website Hackers
Airfare Daily Deals eCigarettes Eyeglasses Hotels Jewelry Online Backup Online Dating Online Printing Online Tickets Skin Care Textbook Rentals Vitamins Web Hosting Weddings
Find thousands of shopping-related forums
SEARCH

5 Ways to Implement Site Security to Protect from Website Hackers

Protect website code from hackers who want to steal passwords from your site database. Website password security protects from online hackers and malicious code.

Hackers want access to your site for several reasons. Your database of customers is valuable, especially if it contains unencrypted passwords, credit cards and other customer information. Hackers also employ a redirect hack that transfers readers from your site to another site such as an online pharmacy or phishing website. You must protect your website from hackers by implementing site security. Website security protects your code and your customers’ information.

Install Antivirus Software on Any Computer Where You Access Website Code

A common method hackers use to access your site is a Javascript hack in PDF files. Javascript runs on PDF files, and malicious code is added to your computer. Installed antivirus software stops the virus dead in its tracks. You receive a warning, the code is not installed on your computer, and your passwords are saved. The malicious code copies the passwords for your website code and sends it to the hacker. Antivirus protects from this hack attempt, but make sure you keep the virus definition files up-to-date.

Scrub Code of Apostrophes When Sending Commands to the Database

Apostrophes indicate the start and the stop mark for a SQL string. Hackers use SQL injection to send malformed commands to your SQL server database. Use stored procedures, or replace one apostrophe with two apostrophes. Two apostrophes indicate a literal, so the SQL server reads it as an actual apostrophe. Stored procedures do not have the apostrophe mark vulnerabilities, so you do not need to scrub out apostrophes, if you use stored procedure technology. SQL injection is mostly common in PHP blogs and websites.

Store Only Encrypted Passwords

Network monitoring software reads the communication packets sent from a user’s computer to your website. Using HTTPS encrypts the data sent between the two computers. You can also store passwords in an encrypted form in the SQL database. Encryption secures the data between readers and the server, so hackers are not able to compromise a user account using “sniffers.”

Monitor the Server Log for Any Unusual Activity

Each web host company provides logs. The logs show you the activity on your server, so you can analyze any type of malicious activity. The server logs can tell you if the same person is trying to “guess” a user password, or if the same IP address continues to hit your server at a fast rate. You can use host filters to block IP addresses from accessing your website in the future.

Avoid Having the Same Code Passwords for Web Host Control Panel or Your FTP Site

When you enter a password into a website, use a separate “online password” for your web browsing. Do not use the same password for online websites as your FTP or web host control panel, so hackers who gain access to your information by hacking an external site cannot simply use the same password for your local website.

Need an answer?
Get insightful answers from community-recommended
experts
in Internet Security on Knoji.
Would you recommend this author as an expert in Internet Security?
You have 0 recommendations remaining to grant today.
Comments (0)
ARTICLE DETAILS
RELATED ARTICLES